FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 11: Defense in Depth, Software Development, and Data Analysis

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

A growing organization has recently created a policy that everyone in upper management must train each other in various aspects of their jobs.They must also train one of their direct reports to perform key parts of their jobs. The object is to establish continuity of the organization's operations if something catastrophic happens to a manager. Which of the following terms best describes the type of policy that has been implemented?

A) Succession planning
B) Job rotation
C) Dual control
D) Separation of duties

Correct Answer

verified

A

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

Hannah has just been hired to review a large organization's formal IT processes and procedures. She finds that the company's backup methods create unacceptable risks because of potential data loss in a disaster, such as a fire. She recommends backing up the company's data to the cloud instead of storing magnetic tapes onsite. Which of the following best describes Hannah's recommendations?

A) Non-repudiation
B) Succession planning
C) Request for change
D) Process retirement

Correct Answer

verified

D

Question 3

Multiple Choice

Review LaterAdd Note

Amadeus is composing a new web application that his organization will make available to the general public. The site will offer users the ability to sign up for accounts and interact with certain functions of the application. Which of the following should he ensure is done as part of the sign-up process?

Brianne wants to find some best practices to share with the development team in her organization. Which of the following is not a good source for this type of information?

Chase has found a virtual machine on one of the hosts in the data center that has been capturing packets, logging all of the GET and POST requests and parameters, and forwarding that information outside of the network. Which of the following best describes what he might have discovered?

Phil wants to determine whether the new email filter on the company's mail server has been effective in reducing the number of malware instances detected on user computers. Which of the following is the best answer to describe what he should use for his analysis?

Paris is designing the logical configuration for the company's new headquarters building. He knows that several departments, including Human Resources and the research and development group, should not be able to communicate with each other. Which of the following should he include as part of the network design requirements?

Aurelia has just modified a module in one of her company's software applications to add a new feature. Which of the following should be done to ensure that the changes did not adversely affect any other areas of the application?

Marcus, a cybersecurity manager, wants to perform random audits on user systems. He knows that a complete audit of one system could take an entire day or more. Which of the following might he implement to allow him to accomplish these random audits?

Octavius has developed a new application and wants to ensure that there are no issues with memory corruption or program crashes as a result of certain types of input being sent to the application. Which of the following might he use to meet this goal?

Samara needs to retrieve the private key from the key escrow service her company uses.Upon trying to retrieve the key, she is advised that at least two authorized personnel must request the key before it can be released. Which of the following has been implemented by the key escrow service?

Tonia has just completed an audit of the accounts payable system and discovered what appears to be the embezzlement of funds by a clerk.The clerk was able to create entries of payments to be made and was also allowed to approve the payments. Which of the following might have prevented this situation from occurring and should be implemented immediately?

Marilla is creating an application that will be installed on all client computers in her organization. Which of the following should be performed before the application is compiled and distributed?

Muhammed is a cybersecurity engineer for a quickly growing organization. He is concerned that his team may not be able to keep up with the growth, and that a system might remain vulnerable to certain exploits. He is considering taking advantage of the cloud to help accommodate the growth. Which of the following might he choose to use?

Falik has just returned from a cybersecurity conference where he learned about a UTM that provides some new features he would like to implement within his network. Which of the following best describes what he would like to implement?